Innogy trains Hack against Blackouts | Economy | '
The energy industry reacts to the growing danger of hacker attacks on the power supply in Germany. The largest German power grid operator now has a training center in Essen, where the defense of digital attacks is practiced. "The attackers are getting better," said the president of the Federal Office for Information Security (BSI), Arne Schönbohm, on Monday at the opening of the "cyberrange-e" facility.
The training center helps that "even the defenders are better". A blackout across entire areas could at worst be the result of a hacker attack. As in 2015 in Ukraine, when hackers took over several substations and hundreds of thousands of households were without electricity for hours. Schoenbohm had already warned that "attackers could make it into central areas of power supply in Germany as well", "perhaps only a matter of time".
Networking as an Achilles heel
With increasing digitalization and the convergence of power grids and the Internet, more and more entry points for cyber attacks are opening up. In the past year alone, 270 incidents in the energy sector were reported to the BSI. Not everyone was an attack. But the tools used by hackers would become more aggressive, warned Schönbohm.
The red hacker team uses the cyber defense of the network operators in real time
Norbert Pohlmann, director of the Institute for Internet Security at the Westfälische Hochschule Gelsenkirchen, is also convinced: "Cyber attacks will play a bigger role in the future."
Power grids are because of their central importance for economy and society a particularly attractive point of attack for foreign states or terrorists. "This increases the likelihood that they will be attacked."
What happens when hackers creep into the control centers of utilities or network operators and manipulate processes is simulated in an office building near Essen's Innogy headquarters. "War Gaming," the energy company martially calls the live role-playing game, for which the control systems of a network control center of the participating company are recreated.
Red against blue
As in a military maneuver then red against blue. The blue team, real employees of the energy companies, has to fend off the attacks of the red team of professional hackers, which is housed in another room.
"The anonymous threat of a cyberattack is thus real for you to experience," Innogy promotes the training offer. In the process, the stress factor for the participants will be gradually increased. What starts with simple phishing emails can end with the complete adoption of the systems by the hackers. And to make the threat physically tangible, the attackers can also turn up the heating in the defenders' room. The goal of the exercises: Do not panic and react properly in an attack.
The collapse of the power grids put Buenos Aires on 16 June 2019 lame
Innogy has developed the concept for the training center with a company founded by Israeli security experts, which has been operating such "CyberGyms" for some time. The Essen-based company not only wants to train its own employees in the training facility to fight its invisible opponents. Other energy providers and network operators will also be able to test in Essen whether their security measures against intruders work.
So far, the dams of power companies and municipal utilities have kept. "The operators have better secured their IT in recent years and organizationally adjusted to the risk situation," praised the BSI. In international comparison, the German energy sector is well positioned. Completely undamaged she did not escape during attacks. Ironically, the Innogy mother RWE was the victim of a cyber attack during the clashes over the Hambach Forest last autumn. Overload attacks paralyzed the corporate website of the lignite evaporator for hours.
ليست هناك تعليقات